locked
audiobooks digital signatures RRS feed

  • Question

  • The library offers download of audiobooks that require a digital signature on the computer.  This will not work on the public access computers because they cannot write the digital signature to the computer with the current public access toolkit. 

    My question is has anyone go this to work with Steady State? 

     

    Yes I know it is not a good idea for them to use public computers for this because once the computer is booted their digital signature is gone.  Hopefully they already have the book on thier MP3 player; if not they will have to download again.

     

    The feeling is if we are going to offer audio books we need to provide a way for the public who do not own a computer to use the service.  I have not found another library has found a way around the digital signature thing.

     

    This also came up at Christmas;  all these kids go ipods but did not have a computer.  Ipods use the digital signature thing as well.  Other MP3 players will work for music okay but not IPODS.

     

    -jackie

    Monday, July 16, 2007 4:58 PM

Answers

  • Thank you for your clarification. I understand that the solution has two problems.

     

    1.   must have administrator rights  to write to windows directory where digital signature lives

    >> Here I am not sure whether the folder permission of digital signature files is the only reason for the administrator rights requirement. If this is the case, we can customize the NTFS permission of the folder to enable normal user to write to the folder.

     

    Note: Before making the following changes, please make sure Windows Disk Protection (WDP) is configured to save changes.

     

    Step 1: Disable simple file sharing to show the Security tab

    ===========

    1. Click Start, and then click My Computer.

    2. On the Tools menu, click Folder Options, and then click the View tab.

    3. In the Advanced Settings section, clear the Use simple file sharing (Recommended) check box.

    4. Click OK.

     

    Step 2: To allow a specific public account to access the digital signature folder:

    ===========

    Note: If the system is Windows XP Home Edition, please press F8 when the computer starts and boot into Safe Mode with an administrator account to perform the following steps.

     

    1. Locate the folder which is used to store digital signature files. Right click it and then choose Properties.

     

    Note: By default, Media Player’s licenses are stored at: C:\Documents and Settings\All Users\DRM (hidden by default)

     

    2. Select the Security tab.

    3. Click the Add button. Type in the name of the public account. Click OK.

    4. High light the user account we added. Select the Allow check box for “Full Control”.

    5. Click OK.

     

     

    2.  assigning a space on the hard drive for the public to use for temporary storage .

    >> We can allow saving files to Desktop

    ===========

    a. Open SteadyState.

    b. Click the public use account

    c. Select the Windows Restrictions tab.

    d. Make sure the last restriction option in the restriction list is not selected. (Prevent users from saving files  to the desktop)

    e. Click OK.

     

    After competing the above steps, we can restart the computer and then restore WDP to  “Remove all changes at restart”. All the changes to the desktop and digital signature folder will be removed automatically.

     

    Best Regards,

    Monday, July 23, 2007 10:54 AM

All replies

  • What audio book site do you use?
    Monday, July 16, 2007 8:23 PM
  • NetLibrary

    -jackie

    Monday, July 16, 2007 9:18 PM

  • Hi Jackie,

     

    I have not used NetLibrary before and I am not very sure how its digital signature is installed and used. However, if you would like the digital signature to retain after you reboot a public computer, you can modify Windows Disk Protection options with the following steps:

     

    If you are using Shared Computer Access Toolkit, please refer to the following website:

     

    To make changes when Windows Disk Protection is on
    http://technet.microsoft.com/en-us/library/bb457134.aspx#EDAA

     

    If the toolkit has been upgraded to Windows SteadyState, you can perform the suggestions below:

     

    1. Log in with an administrator account.
    2. Start Windows SteadyState. Click "Protect the Hard Disk"
    3. Select  "Retain all changes permanently" mode.
    4. Install/import the digital signatures and then restart the computer.
    5. Restore the SteadyState to "Remove all changes at restart" mode.

     

    Best Regards,

     

    Shawn Shao
    Microsoft Online Community

    Wednesday, July 18, 2007 9:29 AM
  • Thanks

    I do not care if the digital signature is removed at boot.  The problem was the digitial signature is automatically saved to a windows directory.  The directory is only accessable if the the user has administrator rights.  I do not want to give the public administrator rights. 

     

    Most libraries do not allow the public to download the audiobooks at the library.  I guess because it is just too hard. 

    But if I could find a way I would like to offer it.

     

    I am just testing SteadyState but have run into these problems with the previous MS public computer toolkit.

    Steps of what I would like.

    1.  download audiobook to a place on the harddrive

    2.  copy their information to their MP3 player

    3.  at boot it is all wiped out.

     

    Problems:

    1.  must have administrator rights to write to windows directory where digital signature lives

    2. assigning a space on the hardddrive for the public to use for temporary storage .  With the c drive blocked the user cannot write to any part of it.  Possible solutions:  1.  let them borrow a flash drive; 2.  partition the harddrive, not block the new drive (problem is that patrition has to be cleaned at some point)

     

    I have also used the software version of Centurian Guard; it does partition the harddrive creating a "persistant" drive that I can set to wipe off on a set schedule.  The Persistant drive is actually a partition setup by the software shows up as something like F: and works just like a floppy.  It would be great if the digital signature wrote here as well.  But this is another tool.

    I have not seen anything in SteadyState that works like the "persistant" drive. 

     

    After I setup the first machine I will test with the audio download an report back the results.

    -jackie

     

     

     

     

    Friday, July 20, 2007 8:43 PM
  • Thank you for your clarification. I understand that the solution has two problems.

     

    1.   must have administrator rights  to write to windows directory where digital signature lives

    >> Here I am not sure whether the folder permission of digital signature files is the only reason for the administrator rights requirement. If this is the case, we can customize the NTFS permission of the folder to enable normal user to write to the folder.

     

    Note: Before making the following changes, please make sure Windows Disk Protection (WDP) is configured to save changes.

     

    Step 1: Disable simple file sharing to show the Security tab

    ===========

    1. Click Start, and then click My Computer.

    2. On the Tools menu, click Folder Options, and then click the View tab.

    3. In the Advanced Settings section, clear the Use simple file sharing (Recommended) check box.

    4. Click OK.

     

    Step 2: To allow a specific public account to access the digital signature folder:

    ===========

    Note: If the system is Windows XP Home Edition, please press F8 when the computer starts and boot into Safe Mode with an administrator account to perform the following steps.

     

    1. Locate the folder which is used to store digital signature files. Right click it and then choose Properties.

     

    Note: By default, Media Player’s licenses are stored at: C:\Documents and Settings\All Users\DRM (hidden by default)

     

    2. Select the Security tab.

    3. Click the Add button. Type in the name of the public account. Click OK.

    4. High light the user account we added. Select the Allow check box for “Full Control”.

    5. Click OK.

     

     

    2.  assigning a space on the hard drive for the public to use for temporary storage .

    >> We can allow saving files to Desktop

    ===========

    a. Open SteadyState.

    b. Click the public use account

    c. Select the Windows Restrictions tab.

    d. Make sure the last restriction option in the restriction list is not selected. (Prevent users from saving files  to the desktop)

    e. Click OK.

     

    After competing the above steps, we can restart the computer and then restore WDP to  “Remove all changes at restart”. All the changes to the desktop and digital signature folder will be removed automatically.

     

    Best Regards,

    Monday, July 23, 2007 10:54 AM
  • Thanks

    Sounds like it will work but this leaves me with a couple things:  what happens if I use "prevent users from creating folders and files in drive c:\: and I guess the information will be wiped with disk protection at boot.  Maybe they do not need to view it to use the digital signature. 

    I will get back with you after I test it, forgot my MP3 player at home ;-)

    -jackie
    Monday, July 23, 2007 6:21 PM
  • Hi Jackie,

     

    If the “Prevent users from creating folders and files in drive c:\” option is selected:

    ----------------

    To the digital signature files, we still need to make sure the public user has permission to access the store folder (please refer to Step 1 & 2 in my last post).

     

    To the media files, they cannot be saved to Desktop although “Prevent users from saving files  to the desktop” is unchecked. However, we can save them to “My Documents” of the public user.

     

    All the changes will be removed if Windows Disk Protection (WDP) is on and configured to remove changes at restart.

     

    I am waiting for your good news.

     

    Regards,

    Tuesday, July 24, 2007 7:23 AM